Sir:

This paper accompanies documents submitted to establish the U.S. national 
stage of the above-identified international patent application. 

The international patent application was amended under PCT Article 34 and the 
claims as-amended in the English language are annexed to the International 
Preliminary Examination Report (IPER). 

IN THE CLAIMS:

Please amend the translated claims as annexed to the IPER as shown on the 
appended APPENDIX OF CLAIMS, which includes amended and non-amended claims. 
Also appended hereto is an APPENDIX OF MARKED UP CLAIMS showing the changes
which have been made.
APPENDIX OF CLAIMS

1. A method for protecting the program run at the call of subprograms, the called
program performing, before or during the program execution, a check of the data 
passed directly or indirectly from the calling program, characterized in that 

- the calling program forms a first check sum for the parameters to be 
passed (step 2), 

- said first check sum is stored in a specially provided memory area, 

- the called program forms, before its execution, a second check sum for 
the received parameters (step 5) and checks it for equality with the first check sum (step 
6), and 

- in case of inequality of the first and second check sums the program is 
terminated (step 7) or an error message outputted. 

2. A method for protecting the program run at the call of subprograms, the called 
program performing, before or during the program execution, a check of the data 
passed directly or indirectly from the calling program, characterized in that upon call of 
a subprogram a timer is started (step 22) which counts the number of clock cycles 
required for executing the program and terminates the program if the preset number of 
clock cycles was exceeded before termination of the subprogram (step 26). 

3. A method according to claim 1, characterized in that the memory area for 
storing the check sum is a RAM or register area. 

4(Amended). A method according to claim 1, characterized in that the return
addresses of the calling function are entered in a table and the called program checks the
return address reported by the calling program (step 13) by checking the presence of
said return address on the basis of the table.

International Application No. PCT/E POO/09 131
Attorney Docket: BALD3006/JEK 



5(Amended). A method according to claim 2, characterized in that the timer 
value is read at certain preset points (step 24) and compared with a likewise preset 
intermediate value (step 25) and the program is terminated if the preset intermediate 
value was exceeded (step 26). 
APPENDIX OF MARKED UP VERSION OF CLAIMS

1. A method for protecting the program run at the call of subprograms, the called
program performing, before or during the program execution, a check of the data 
passed directly or indirectly from the calling program, characterized in that 

- the calling program forms a first check sum for the parameters to be 
passed (step 2), 

- said first check sum is stored in a specially provided memory area, 

- the called program forms, before its execution, a second check sum for 
the received parameters (step 5) and checks it for equality with the first check sum (step 
6), and 

- in case of inequality of the first and second check sums the program is 
terminated (step 7) or an error message outputted. 

2. A method for protecting the program run at the call of subprograms, the called 
program performing, before or during the program execution, a check of the data 
passed directly or indirectly from the calling program, characterized in that upon call of 
a subprogram a timer is started (step 22) which counts the number of clock cycles 
required for executing the program and terminates the program if the preset number of 
clock cycles was exceeded before termination of the subprogram (step 26). 

3. A method according to claim 1, characterized in that the memory area for 
storing the check sum is a RAM or register area. 

4(Amended). A method according to [any of claims 1 to 3] claim 1, characterized
in that the return addresses of the calling function are entered in a table and the called
program checks the return address reported by the calling program (step 13) by
checking the presence of said return address on the basis of the table.

5(Amended). A method according to claim 2 [or 4], characterized in that the
timer value is read at certain preset points (step 24) and compared with a likewise 
preset intermediate value (step 25) and the program is terminated if the preset 
intermediate value was exceeded (step 26). 
(57) Abstract: The invention relates to a method for protecting the program flow during sub-program calls. Known methods for
protecting data counteract the evaluation of data by specific interruption of the program, do not however offer any effective protection
for modular programs, especially with regard to sub-program calls. According to the invention, the requested program therefore
checks the data communicated directly or indirectly by the requesting program before or during the execution of the program.
Method for protecting a program run

The present invention relates to a method for protecting the program run
according to claim 1.

In particular with security-relevant applications, for example in the area of IC 
cards, it is necessary to protect the program run from unauthorized manipulation. For 
protecting secret data, for example secret key data, it is known to store the data to be 
protected in encrypted form in order to prevent readout by unauthorized persons. 

Access to secret data can also be effected, however, by selectively interrupting 
the program run resulting in errors in the encryption routines from which the secret 
data can be inferred after repeated selective interruption. 

To avoid such attacks it is necessary to reliably recognize errors or disturbances
of the program run. German patent DE 37 09 524 C2 discloses a method for checking
the memory cell contents of a program memory in a computer. Therein, several check
sums are stored which are formed from memory cell contents of different address and
data memory areas. The check sums are determined at the onset of and/or during
computer operation and compared with the stored check sum. Upon ascertainment of a
deviation an error signal is outputted.

The method known from DE 37 09 524 C2 is suitable mainly for checking the
correctness of data used in a program. It disregards the fact that manipulation of the
program run can be effected also or in particular upon program calls, i.e. upon
execution of sub- or function programs.

It is therefore the problem of the present invention to state a method allowing a 
reliable check of modularly constructed programs, in particular upon subprogram calls. 

This problem is solved according to the invention by the called program
performing a data check which ascertains reliable transfer of the data to be passed from the
calling program.

The invention achieves additional security which guarantees not merely that
individual program parts are executed reliably and completely but that the total program
run is undisturbed and free from manipulation.

An advantageous embodiment of the invention provides that the calling program
first forms a check sum for the parameters passed from the calling program to the
called program, said check sum being stored in a specially provided memory area.
After the parameters are passed the called program also forms a check sum for the
received parameters. If the check sums formed by the calling and called programs are
different, the program is terminated.

In this way it can be ensured that a function program, in particular a function 
program executing security-relevant data, is already examined for manipulation at the 
onset, so that the start of the called program with faulty parameters can be prevented 
from the start and no evaluation of the erroneous data is permitted. 

The memory area provided for storing the check sum is preferably created in a 
RAM or register area. 

A further embodiment, in addition or as an alternative to forming the check sum
for the parameters to be passed, results from the check of the return addresses. The
return addresses of the calling functions are entered in a table and the called program
can check by means of said table whether the return address transmitted by the calling
program is present in the table. In case of a faultily reported return address, the
program can be interrupted.

A further alternative or additional security check can be effected by starting a
timer upon call of a subprogram or function program. Said timer counts the clock
cycles necessary for executing the program. The number of clock cycles required for the
regular subprogram run is first preset as the limiting value for the timer. The program
is terminated if the number of preset clock cycles was exceeded before the end of the
subprogram.

The timer value is advantageously also read at certain preset points of the
subprogram and compared with likewise preset intermediate values. In this case as well,
the program is terminated if the preset intermediate value was exceeded.

In the following, the invention will be explained in more detail with reference to 
Figs. 1 to 3, in which: 

Figure 1 shows a flowchart for the check by means of check sum, 

Figure 2 shows the flow for the check by means of return address table, 

Figure 3 shows the flow for the check by means of timer. 
Figure 1 describes the run of a subprogram call, in particular a function call,
function steps 1 to 3 relating to the calling program and function steps 4 to 8
relating to the evaluation of the subprogram.

In the calling program the parameters necessary for executing the subprogram
are first provided in step 1. For said parameters a check sum is formed in step 2,
consisting in the simplest case of a parity check. Common methods for check sum
formation, e.g. CRC (cyclic redundancy check) or EDC, can of course also be
employed. The thus determined check sum is written to a specially provided memory
area. Said memory area may be a volatile memory (RAM) or a nonvolatile, rewritable
memory (e.g. EEPROM).

Subsequent to the formation and storage of check sum 1 the subprogram call
takes place in step 3. Step 4 is the onset of execution of the subprogram. In said
subprogram, check sum 2 is first formed for the passed parameters. Said check sum is
formed by the same method used for determining check sum 1 in the calling program.

Next, a check of check sums PS1 and PS2 for equality is effected in step 6. If it is
ascertained in step 6 that the two check sums are unequal, it can be assumed that an
error has occurred in the passing of the program parameters, which may be an
indication of an intended disturbance aimed at determining secret data. As a measure, the
program can be ended in step 7 or corresponding alternative measures are taken, for
example an error message to the main program.

If it is ascertained in step 6 that check sums PS1 and PS2 are equal, the
actual function execution is begun.

Figure 2 shows a possibility of program protection by checking the return
addresses. Return addresses are stacked by hardware at the function call. In the present
case the information is thus likewise passed from the calling program (e.g. return
addresses) to the subprogram in step 11 at the subprogram call. According to the
invention, the return addresses are managed in table 17 and upon execution of the
subprogram the return addresses - insofar as they are stored in RAM - are first examined for
consistency in step 12, to be checked on the basis of table 17 in step 13. If it was
ascertained in step 14 that the passed return address is not present in the table, the program
is ended with step 15. Otherwise the execution of the function program is begun in
step 16.
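
The checks of Figures 1 and 2, sketched in C as an added example (not code from the application). The call frame is simulated: the return address and the table 17 entries are constructed values, CRC-16/CCITT is an assumed choice of check sum method, and the `flip_*` arguments model a disturbance between steps 2 and 5.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PARAM_LEN 8
enum { CALL_OK = 0, ERR_CHECKSUM = -1, ERR_RETADDR = -2 };

/* Simulated call frame; on the card the return address is stacked by hardware. */
struct frame { uint16_t ret_addr; uint8_t params[PARAM_LEN]; };

static volatile uint16_t ps1_area;   /* specially provided memory area for PS1 */
static const uint16_t ret_table[] = { 0x1204, 0x1388, 0x2a10 }; /* table 17, constructed */

/* CRC-16/CCITT (poly 0x1021, init 0xFFFF): assumed choice of check sum method. */
static uint16_t crc16(const uint8_t *p, size_t n) {
    uint16_t crc = 0xFFFF;
    while (n--) {
        crc = (uint16_t)(crc ^ ((uint16_t)*p++ << 8));
        for (int i = 0; i < 8; i++)
            crc = (uint16_t)((crc & 0x8000) ? (crc << 1) ^ 0x1021 : crc << 1);
    }
    return crc;
}

/* Called program: all checks run before the function body. */
static int subprogram(const struct frame *f, uint8_t *out) {
    if (crc16(f->params, PARAM_LEN) != ps1_area)     /* steps 5 and 6 */
        return ERR_CHECKSUM;                         /* step 7 */
    int known = 0;                                   /* scan whole table, no early exit */
    for (size_t i = 0; i < sizeof ret_table / sizeof ret_table[0]; i++)
        known |= (ret_table[i] == f->ret_addr);      /* step 13 */
    if (!known)
        return ERR_RETADDR;                          /* steps 14 and 15 */
    uint8_t acc = 0;                                 /* stand-in function body (step 16) */
    for (size_t i = 0; i < PARAM_LEN; i++)
        acc ^= f->params[i];
    *out = acc;
    return CALL_OK;
}

/* Calling program. flip_param / flip_ret model a disturbance after the
   check sum was stored; 0 means an undisturbed call. */
int protected_call(const uint8_t *params, uint8_t flip_param,
                   uint16_t flip_ret, uint8_t *out) {
    struct frame f = { .ret_addr = 0x1388 };
    memcpy(f.params, params, PARAM_LEN);             /* step 1 */
    ps1_area = crc16(f.params, PARAM_LEN);           /* step 2 */
    f.params[3] ^= flip_param;                       /* simulated fault */
    f.ret_addr ^= flip_ret;                          /* simulated fault */
    return subprogram(&f, out);                      /* step 3 */
}

/* Constructed sample parameters for a quick run. */
int demo(uint8_t flip_param, uint16_t flip_ret) {
    static const uint8_t sample[PARAM_LEN] = { 1, 2, 3, 4, 5, 6, 7, 8 };
    uint8_t out = 0;
    return protected_call(sample, flip_param, flip_ret, &out);
}
```
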
Figure 3 shows an embodiment in which the correct program run or the
undisturbed program run is checked by means of a timer. Directly after the start of the
subprogram in step 21, a timer is started in step 22. Said timer is designed to measure the
time or count the clock cycles required for executing the subprogram. Subsequent to
the start of the timer in step 22, the function of the subprogram is executed with step
23 and the timer is stopped in step 24 after the end of the function. In step 25 it is
checked whether the number of clock cycles required for executing the function
program matches the preset number of clock cycles. If there is no match, the program is
ended with step 26. Otherwise the program execution is continued in step 27, for
example by jumping back to the main program.

Figure 3 shows that the timer is stopped and checked after the run of the function 
or function program. In practice, security can be increased by providing certain points 
in the function program where the timer is additionally checked. This might prevent 
the function program from being largely executed despite an error or attack. 

Alternatively it can also be provided that the timer value is compared
continuously with a limiting value after the start and the program terminated if said limiting
value has been reached or exceeded.
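
The timer check of Figure 3 with the additional intermediate checkpoints, as an added C example that is not part of the application. The cycle counter, the per-round cost and the limits are constructed; a negative `delta` models skipped instructions, which in this sketch only the final match of step 25 catches.

```c
#include <stdint.h>

enum { RUN_OK = 0, ERR_TIMER = -1 };
#define ROUNDS 4
#define ROUND_COST 10            /* constructed cycle cost of one round */

/* Simulated cycle counter; on a card this would be a hardware timer register. */
static uint32_t cycles;
static int rounds_done;          /* how far the function body got (for inspection) */

/* Preset values (constructed): cumulative limit at each checkpoint, and the total. */
static const uint32_t checkpoint_limit[ROUNDS] = { 10, 20, 30, 40 };
static const uint32_t expected_total = 40;

/* One round of the function body. `delta` models a disturbance in round
   `fault_round`: positive = extra cycles, negative = skipped instructions. */
static uint8_t round_work(uint8_t state, int round, int fault_round, int delta) {
    cycles += (uint32_t)(ROUND_COST + (round == fault_round ? delta : 0));
    return (uint8_t)(state * 31u + (unsigned)round);
}

/* Subprogram of Figure 3 with intermediate checks after every round.
   fault_round = -1 means an undisturbed run. */
int timed_subprogram(int fault_round, int delta) {
    uint8_t state = 0x5a;
    cycles = 0;                                      /* step 22: start timer */
    rounds_done = 0;
    for (int r = 0; r < ROUNDS; r++) {
        state = round_work(state, r, fault_round, delta);   /* step 23 */
        rounds_done++;
        if (cycles > checkpoint_limit[r])            /* preset intermediate value */
            return ERR_TIMER;                        /* step 26 */
    }
    (void)state;
    if (cycles != expected_total)                    /* steps 24, 25: must match */
        return ERR_TIMER;                            /* step 26 */
    return RUN_OK;                                   /* step 27 */
}

/* Number of rounds executed by the last call, to see how early it stopped. */
int rounds_executed(void) { return rounds_done; }
```
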

The individual examples according to Figures 1 to 3 have been shown as
independent, alternative measures. Security can be increased by combining the examples.
The greatest security is obtained by parallel checks by check sum, return address and
timer.
Claims

1. A method for protecting the program run at the call of subprograms, the called
program performing, before or during the program execution, a check of the data 
passed directly or indirectly from the calling program, characterized in that 

- the calling program forms a first check sum for the parameters to be passed, 

- said first check sum is stored in a specially provided memory area, 

- the called program forms, before its execution, a second check sum for the
received parameters and checks it for equality with the first check sum, and

- in case of inequality of the first and second check sums the program is
terminated or an error message outputted.

2. A method for protecting the program run at the call of subprograms, the called 
program performing, before or during the program execution, a check of the data 
passed directly or indirectly from the calling program, characterized in that upon
call of a subprogram a timer is started which counts the number of clock cycles 
required for executing the program and terminates the program if the preset 
number of clock cycles was exceeded before termination of the subprogram. 

3. A method according to claim 1, characterized in that the memory area for storing 
the check sum is a RAM or register area. 

4. A method according to any of claims 1 to 3, characterized in that the return
addresses of the calling function are entered in a table and the called program
checks the return address reported by the calling program by checking the
presence of said return address on the basis of the table.

5. A method according to any of claims 2 to 4, characterized in that the timer value
is read at certain preset points and compared with a likewise preset intermediate
value and the program is terminated if the preset intermediate value was
exceeded.
Abstract

The invention relates to a method for protecting the program run at the call of
subprograms. Known data protection methods counteract an evaluation of data by
selective program interruption, but offer no effective protection for modularly
constructed programs, in particular at the call of subprograms. According to the invention,
the called program therefore performs, before or during the program execution, a
check of the data passed directly or indirectly from the calling program.
the duty to disclose information which is material to patentability as defined in Title 37, Code of Federal Regulations, §1.56 which became
available between the filing date of the prior application(s) and the national or PCT international filing date of this application:



I hereby declare that all statements made herein of my own knowledge are true and that all statements made on information and belief 
are believed to be true; and further that these statements were made with the knowledge that willful false statements and the like so made are 
punishable by fine or imprisonment, or both, under section 1001 of title 18 of the United States Code and that such willful false statements may 
jeopardize the validity of the application or any patent issued thereon. 

POWER OF ATTORNEY: I (We) hereby appoint as my (our) attorneys, with full powers of substitution and revocation, to prosecute 
this application and transact all business in the Patent and Trademark Office connected therewith: J. Ernest Kenney, Reg. No. 19,179; Eugene 
Mar, Reg. No. 25,893; Richard E. Fichter, Reg. No. 26,382; Thomas J. Moore, Reg. No. 28,974; Joseph DeBenedictis, Reg. No. 28,502; 
Benjamin E. Urcia, Reg. No. 33,805; and 

I (we) authorize my (our) attorneys to accept and follow instructions from Klunker, Schmitt-Nilson, Hirsch regarding any matter related
to the preparation, examination, grant and maintenance of this application, any continuation, continuation-in-part or divisional based thereon, and
any patent resulting therefrom, until I (we) or my (our) assigns withdraw this authorization in writing.



Send corresi

ACON & THOMAS, PLLC
625 Slaters Lane - 4th Floor
Alexandria, VA 22314-1176

Telephone Calls to: J. Ernest Kenney
(703) 683-0500

Full Name of First or Sole Inventor: Michael BALDISCHWEILER
Citizenship: Germany
Residence Address: Hansjakobstrasse 99, 81825 Munchen Germany
Post Office Address is the same as Residence Address unless otherwise shown below

O See following page(s) for additional joint inventors.